1. Field of the Invention
The present invention relates to providing security in computerized databases. More specifically, the present invention relates to a method and an apparatus for selectively auditing accesses to relational database tables based upon auditing conditions.
2. Related Art
Databases commonly store highly sensitive data, such as salaries, corporate financial data, and even classified military secrets. For security reasons it is essential to be able to audit accesses to this sensitive data. Conventional database systems typically provide a general auditing facility that records an audit trail containing general information about the user and the query issued.
However, conventional auditing facilities have a number of shortcomings. They do not record specific information about the application, the session environment or most importantly, the query results. Consequently, information gathered by a conventional auditing facility is frequently insufficient to reconstruct an event, or even to determine whether access rights have been violated.
In conventional relational database systems, auditing facilities only record information regarding which tables are accessed, not whether certain rows inside a given table are accessed. This table-level auditing tends to generate a large number of false audit records because many accesses to a given table do not touch sensitive data.
What is needed is an auditing mechanism that can specify a finer granularity of audit conditions during accesses to relational tables in order to minimize the number of false audit records that are generated.
Another problem in auditing database accesses arises in distributed database architectures, in which an application located on an application server sends a query to a database located on a database server. In this type of distributed architecture, auditing is typically performed by embedding customized auditing mechanisms into the application on the applications server, not at the database server. Relying on the application to perform auditing can give rise to many problems because a large number of applications can potentially access the database. Consequently, it is almost impossible to ensure that each one of these applications is configured to perform the auditing properly.
What is needed is an auditing mechanism for database accesses which does not rely on applications outside of the database server to perform auditing.